In the weeks following the midterm elections, political pundits will scramble to explain why the vote turned out the way it did. While you’re likely to hear plenty about economic anxiety and partisan resentment, there will certainly be whispers, and probably some shouts, about election security.

Were all the votes counted? Were any votes switched? Did someone … meddle???

These concerns are particularly salient now, following the 2016 election that saw Russian hackers launch attacks on voting systems in 39 states. As far as we know, these hacks were restricted to voter databases; there is no evidence that vote tallies were affected. But cyber espionage is stealthy by nature, and the prospect of a more pernicious hack going unnoticed served as a wake-up call for the intelligence community and some of our elected representatives.

In order to fortify voting infrastructure for the 2018 midterms, Congress doled out $380 million across the country earlier this year (a proposal for an additional $250 million was voted down by Senate Republicans in August). For the most part, the funds went to either purchasing new voting and tabulating machines or bolstering cybersecurity. But for many states, this was not enough money to completely revamp voting systems: old technology persists, and cybersecurity is an arms race, not a quick fix.

Old, bad technology

Already, we are seeing the consequences of our dilapidated infrastructure. According to NBC News, most voting machines are around 15 years old. As election technology researcher Greg Miller told NBC, our election hardware and software “relies on a diet of spare parts.”

Combine old machines with bureaucratic incompetence (or, dare we say, nefariousness) and you get a situation like in Georgia, where one precinct reportedly had its voting machines go down after they ran out of battery and it turned out that power cords were not provided.

Vote tabulation machines have been breaking at polls across New York City, leading to long waits and voters leaving as people were forced to insert their ballots into fewer operational machines.

At my voting location in Brooklyn they just announced that only ONE MACHINE is working. 300 of us in line.

Rain depresses voter turnout, and apparently the attendant humidity can also break vote tabulators. In North Carolina, some machines stopped working because of “high humidity levels,” according to the North Carolina State Board of Elections.

There is a contingency plan: store the ballots, hope it’s not humid forever, and run them through the machines later. But introducing more steps into an already arcane process creates more room for error. And if machines break in one of the 14 states where there is no paper record of votes, it’s unclear how they would be counted.

This isn’t just a hypothetical. Texas is one of the states without a paper trail, and a small handful of early voters reported having their votes switched by Texas’s electronic voting machines. In this case, it was the result of shoddy design: if voters selected the option to vote straight ticket and attempted to move to the next screen too quickly, the machine would sometimes change one or more of their selections. As of last week, there had been fewer than 20 complaints (all from people who had successfully fixed their ballot), according to the Washington Post. But it's entirely possible that some people didn't notice the inadvertent vote switch and mistakenly cast the wrong ballot.

Texas’s stopgap solution — double check your ballot — might end up being a long-term solution, too. Without another massive cash infusion, it’s unclear where the state would get the money to buy new machines. Louisiana recently estimated the cost of replacing its 10,000 voting machines to be upwards of $90 million.

Cybersecurity concerns

Leading up to the 2018 election, hackers have had “limited success” trying to breach state voter systems, according to an internal Department of Homeland Security report reviewed by the Boston Globe. These attempted hacks have been aimed at election-adjacent systems, like voter registration databases. Of course, it’s always possible that other hacks have simply gone undetected or unannounced. We didn’t know about the coordinated hacking efforts during the 2016 election until nearly a year after the fact, and “limited success” is perhaps the least inspiring thing DHS could say other than “Mission Accomplished.”

Targeting of voter databases could certainly have ramifications for future elections as part of a misinformation campaigns, but there’s no evidence that these attempted hacks could alter today’s vote. In a press release on Monday, DHS said there is “no indication of compromise of our nation’s election infrastructure that would prevent voting, change vote counts, or disrupt the ability to tally votes.”
Still, if you’re going to count votes on a computer, you have to invest in improving cybersecurity year after year. Unless you’re going to switch over to an abacus for vote tallying, it’s imperative to continuously update aging software.

Could all of these election security issues be fixed by the 2020 presidential election? Well, it might depend on how the vote goes today. Conservatives are generally opposed to spending additional funds on election security, and most work to prevent fair elections from happening via restrictive voter ID laws and other forms of discrimination. Short of rebranding cybersecurity as “a firewall to keep out illegal votes,” it’s unclear what could persuade them to change their position, especially considering that faulty voter machines are excellent vote suppressors.